#!/bin/bash
# ------------------------------------------------------------------
# [Leon Teale] pentesttool.sh
#          Pentest and Reporting Tool
# ------------------------------------------------------------------
#
# Todo:
#
# In the help menu, show the commands that will be run, for diagnostic purposes.
#
#
## Setting Coloured variables
red=`echo -e "\033[31m"`
lcyan=`echo -e "\033[36m"`
yellow=`echo -e "\033[33m"`
green=`echo -e "\033[32m"`
blue=`echo -e "\033[34m"`
purple=`echo -e "\033[35m"`
normal=`echo -e "\033[m"`

not_completed="$red✘$normal"
completed="$green✔$normal"

# --- Script Info -------------------------------------------

VERSION=2.4 #25/01/2017
SUBJECT=pentesttool31337
SETTINGS=$0_settings 
Title="Pentest Tool"




# --- pre-requisites -------------------------------------------
# Files can be found here: https://github.com/leonteale/pentestpackage/
# --- You will need to change the below to the correct folder ----
nessus_summary="/root/Desktop/Tools/ITG/Pen-Test-Tools/NessusParserSummary.py"
nessus_breakdown="/root/Desktop/Tools/ITG/Pen-Test-Tools/NessusParserBreakdown.py"
nmap_parser="/root/Desktop/Tools/ITG/Pen-Test-Tools/NmapParser.py"
nmap_portcount="/root/Desktop/Tools/ITG/Pen-Test-Tools/NmapPortCount.py"
whois_parser="/root/Desktop/Tools/ITG/Pen-Test-Tools/whoisbyip.sh"
#----- You should not need to change these -------
responder="$(which responder)"
nmap="$(which nmap)"
nikto="$(which nikto)"
wpscan="$(which wpscan)"
whois="$(which whois)"
snmpscan="$(which nmap)"


# --- Command variables -------------------------------------------

Primary_ip="$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}' | awk {'print $2'} | head -1 )"
Primary_ip_simple="$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}' | awk {'print $2'} | head -1 | cut -d / -f 1)"
Primary_eth="$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}' | awk {'print $1'} | head -1 )"
openshares_nmap_command="nmap -T4 -v -oA openshares_check --script smb-enum-shares --script-args smbuser=ANONuser,smbPass=ANONpassword -p445 $Primary_ip"
openshares_nmap_command_file="nmap -T4 -v -oA openshares_check --script smb-enum-shares --script-args smbuser=ANONuser,smbPass=ANONpassword -p445 -iL $openshares_scope"
responder_hashes_find_dev_null=$(find /usr/share/responder -maxdepth 1 -type f -mtime -1 | grep ".txt" > /dev/null 2>&1 )
responder_hashes_find=$(find /usr/share/responder -maxdepth 1 -type f -mtime -1 | grep .txt)
snmp_count=$(cat snmp_scan.txt  | grep "Valid credentials" -B5  | grep -vE 'latency|STATE' | grep '[^\.][0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}[^\.]'  | wc -l)
snmp_found=$(cat snmp_scan.txt  | grep "Valid credentials" -B5  | grep -vE 'latency|STATE' > snmp_found.txt)
live_hosts_count=$(cat livehosts.txt | wc -l)

# --- status checks -------------------------------------------

# -- pre-requisites --
prereq_is_root_status=$(if [[ $EUID -ne 0 ]]; then echo "$not_completed"; touch /tmp/pre-requisites-check.tmp ; else echo "$completed"; fi)
prereq_responder_status=$(if test -f "$responder" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nmap_status=$(if test -f "$nmap" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nikto_status=$(if test -f "$nikto" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_wpscan_status=$(if test -f "$wpscan" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_whois_status=$(if test -f "$whois" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nessus_summary_status=$(if test -f "$nessus_summary" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nessus_breakdown_status=$(if test -f "$nessus_breakdown" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nmap_parser_status=$(if test -f "$nmap_parser" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_nmap_portcount_status=$(if test -f "$nmap_portcount" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_whois_parser_status=$(if test -f "$whois_parser" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)
prereq_snmpscan_status=$(if test -f "$snmpscan" ; then echo "$completed" ; else echo "$not_completed"; touch /tmp/pre-requisites-check.tmp;fi)

# -- testing --
status_nmap_full_tcp=$(if test -f "nmap-tcp-full.nmap"; then echo "$completed" ; else echo "$not_completed";fi)
status_nmap_quick_tcp=$(if test -f "nmap-quick-tcp-scan.nmap"; then echo "$completed" ; else echo "$not_completed";fi)
status_nmap_top_udp=$(if test -f "nmap-top-udp-scan.nmap"; then echo "$completed" ; else echo "$not_completed";fi)
status_nmap_developer=$(if test -f "nmap-developer-scan.nmap"; then echo "$completed" ; else echo "$not_completed";fi)
status_nmap_all=$(if [[ -f nmap-developer-scan.nmap && -f nmap-tcp-full.nmap && -f nmap-quick-tcp-scan.nmap && -f nmap-top-udp-scan.nmap ]]; then echo "$completed" ; else echo "$not_completed";fi)
status_nikto=$(if test -f "nikto_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_wpscan=$(if test -f "wpscan_output.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_whois=$(if test -f "whois_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_openshares=$(if test -f "openshares.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_nessus=$(if test -f "nessus_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_openvas=$(if test -f "nmap_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_netbiosspoofing=$(if test -f "netbios_raw.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_openshares=$(if test -f "openshares.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_live_host_scan=$(if test -f "livehosts.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_snmpscan=$(if test -f "snmp_scan.txt"; then echo "$completed" ; else echo "$not_completed";fi)

# -- reporting --
status_reporting_nessus_summary=$(if test -f "newfile.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_nessus_breakdown=$(if test -f "output.txt"; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_nmap_parser=$(if test -f ""; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_nmap_port_count=$(if test -f "data_nmap.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_whois_parser=$(if test -f "whois_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_burp_parser=$(if test -f "nmap_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)
status_reporting_nikto_parser=$(if test -f "nmap_output.csv"; then echo "$completed" ; else echo "$not_completed";fi)



# --- Locks -------------------------------------------------------
LOCK_FILE=/tmp/$SUBJECT.lock
if [ -f "$LOCK_FILE" ]; then
   echo "Script is already running..."
   echo "$red /tmp/$SUBJECT.lock $normal"
   exit
fi

trap "rm -f $LOCK_FILE" EXIT
touch $LOCK_FILE

# --- Checks for pre-requisites -----------------------------------
		clear
		echo "---------------------------------"
		echo "$yellow $Title v$VERSION$normal"
		echo "---------------------------------$lcyan"
		echo " Checking for pre-requisites..."
		echo "$normal---------------------------------"
		echo " Root permissions          [$prereq_is_root_status]";sleep 0.3
		echo " Responder                 [$prereq_responder_status]";sleep 0.3
		echo " NMAP                      [$prereq_nmap_status]";sleep 0.3
		echo " Nikto                     [$prereq_nikto_status]";sleep 0.3
		echo " WPScan                    [$prereq_wpscan_status]";sleep 0.3
		echo " Whois                     [$prereq_whois_status]";sleep 0.3
		echo " SNMP                      [$prereq_snmpscan_status]";sleep 0.3
		echo " "
		echo " Nessus Summary script     [$prereq_nessus_summary_status]";sleep 0.3
		echo " Nessus Breakdown script   [$prereq_nessus_breakdown_status]";sleep 0.3
		echo " NMAP Parser script        [$prereq_nmap_parser_status]";sleep 0.3
		echo " NMAP Port Count script    [$prereq_nmap_portcount_status]";sleep 0.3
		echo " Whois Parser script       [$prereq_whois_parser_status]";sleep 0.3
		echo "---------------------------------"

		echo ""
		if test -f "/tmp/pre-requisites-check.tmp"; 
			then 
				echo "$red pre-requisites not met! - Maybe you need to update the script locations?$normal"
				echo ""
				read -e -p "Continue anyway? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														rm -f /tmp/pre-requisites-check.tmp
														exit 1
												fi
			else
				echo "$green All pre-requisites met :)$normal"
			fi
		



#---- Body ---------------------------------------------------------

while true
	do
		sleep 2
		clear
		echo "---------------------------------"
		echo "$yellow $Title v$VERSION$normal"
		echo "---------------------------------$lcyan"
		echo -n -e "Current Working Dir: "
		pwd
		echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
		echo "$normal---------------------------------"
		echo " 1) Testing"
		echo " 2) Reporting"
		echo " "
		echo " 3) Check for updates"
		echo " 4) Help"
		echo ""
		echo " 0) exit"
		echo "---------------------------------"

		read Tool_opt
		case $Tool_opt in

			1)  ###### Start Testing Tool ############

				while true
					do
						clear
						echo "----------------------------------"
						echo "$yellow $Title v$VERSION$normal - Testing"
						echo "----------------------------------$lcyan"
						echo -n -e "Current Working Dir: "
						pwd
						echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
						echo "$normal----------------------------------"
						echo " 1) Nmap Scan         [$status_nmap_all]"
						echo " 2) Nikto Scan        [$status_nikto]"
						echo " 3) WPScan            [$status_wpscan]"
						echo " 4) Whois Scan        [$status_whois]"
						echo " 5) Netbios Spoofing  [$status_netbiosspoofing]"
						echo " 6) Open Share finder [$status_openshares]"
						echo " 7) SNMP scan         [$status_snmpscan]"
						echo " 8) Live host scan    [$status_live_host_scan]"
						echo " 9) Nessus Scan       [$status_nessus]"
						echo ""
						echo "------ Work in progress ---------"
						echo ""
						echo " x) Openvas Scan      [$status_openvas]"
						echo " x) SSL Scan          [$status_sslscan]"
						echo ""
						echo " 0) exit"
						echo "----------------------------------"

						read Test_opt
						case $Test_opt in

							1)  ###### Start of nmap tool ##########
								while true
									do
										clear
										echo "---------------------------------"
										echo "$yellow $Title v$VERSION$normal - Testing"
										echo "---------------------------------$lcyan"
										echo -n -e "Current Working Dir: "
										pwd
										echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
										echo "$normal---------------------------------"
										echo " 1) Full TCP Scan      [$status_nmap_full_tcp]"
										echo " 2) Quick TCP Scan     [$status_nmap_quick_tcp]"
										echo " 3) Top UDP Scan       [$status_nmap_top_udp]"
										echo " 4) Developer Testing  [$status_nmap_developer]"
										echo ""
										echo " 0) exit"
										echo "---------------------------------"

										read nmap_opt
										case $nmap_opt in

											1)  read -e -p "Enter scope file: " nmap_scope
												echo ""
												read -e -p "Run Full TCP Scan against $nmap_scope, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$nmap_scope"
														echo "Running Nmap.."
														echo ""
														nmap -sS -n -v -T4 -O -Pn -A -p- -iL $scope -oA nmap-tcp-full
														echo ""
														echo "Scan Finished.."
														status_nmap_full_tcp=$completed
												fi
												read enterkey;;
											
											2)  read -e -p "Enter scope file: " nmap_scope
												echo ""
												read -e -p "Run Quick TCP Scan against $nmap_scope, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$nmap_scope"
														echo "Running Nmap.."
														echo ""
														nmap -sS -n -v -T4 -Pn -O -oA nmap-quick-tcp-scan -iL $scope
														echo ""
														echo "Scan Finished.."
														status_nmap_quick_tcp=$completed
												fi
												read enterkey;;

											3)  read -e -p "Enter scope file: " nmap_scope
												echo ""
												read -e -p "Run Top UDP Scan against $nmap_scope, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$nmap_scope"
														echo "Running Nmap.."
														echo ""
														nmap -sU -T4 -v -v -iL $scope -oA nmap-top-udp-scan -Pn --top-ports 1024
														echo ""
														echo "Scan Finished.."
														status_nmap_top_udp=$completed
												fi
												read enterkey;;

											4)  read -e -p "Enter scope file: " nmap_scope
												echo ""
												read -e -p "Run Developer Scan against $nmap_scope, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$nmap_scope"
														echo "Running Nmap.."
														echo ""
														nmap -p 80 -iL $scope -oA nmap-developer-scan
														echo ""
														echo "Scan Finished.."
														status_nmap_developer=$completed
												fi
												read enterkey;;

											

											0) 	break
											    ;;

											*)  echo "That is not a valid choice"
											    ;;
										esac
									done
									read enterkey;;
							        ##### End nmap Tool ########

								
							
							2)  ###### Nikto scan #####
								read -e -p "Enter Domain: " nikto_domain
								echo ""
								read -e -p "Run Nikto scan against $nikto_domain, are you sure? [Y/n]" confirm

								if [[ $confirm = n ]];
									then 
										echo "Press Enter to return"
										echo ""
										read enterkey;
									else
										echo ""
										scope="$nikto_domain"
										echo "Running Nikto.."
										echo ""
										nikto -host=$nikto_domain -Format=csv -output=nikto_output.csv -nointeractive
										echo ""
										echo "Scan Finished.."
										status_nikto=$completed
								fi								
								read enterkey;;							
							    ###### End Nikto scan #####

							3)  ###### WPScan #######
								read -e -p "Enter Domain: " wpscan_domain
								echo ""
								read -e -p "Run WPScan against $wpscan_domain, are you sure? [Y/n]" confirm

								if [[ $confirm = n ]];
									then 
										echo "Press Enter to return"
										echo ""
										read enterkey;
									else
										echo ""
										scope="$wpscan_domain"
										echo "Running WPScan.."
										echo ""
										wpscan --url $wpscan_domain --batch --follow-redirection --enumerate u| tee wpscan_output.txt
										echo ""
										echo "Scan Finished.."
										echo ""
										echo "Output saved to $(pwd)/wpscan_output.txt"
										status_wpscan=$completed
								fi				
								read enterkey;;
								###### End WPScan #####


							4)  #### Start Whois scan ######
								read -e -p "Enter scope file: " whois_scope
								echo ""
								read -e -p "Run Whois Scan against $whois_scope, are you sure? [Y/n]" confirm
									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											echo ""
											echo "Running Whois.."
											echo ""
											$whois_parser $whois_scope | tee whois_output.csv
											echo ""
											echo "Scan Finished.."
											echo ""
											echo "Output saved to $(pwd)/whois_output.csv"
											status_whois=$completed
									fi
								read enterkey;;
								#### End Whois scan ############			

							5)  #### Start Netbios spoofing ######
								echo ""
								echo "Available Interfaces:"
								echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
								echo ""
								read -e -p "Enter source IP [$Primary_ip_simple]: " responder_ip
										echo ""
											if [[ $responder_ip = "" ]]
												then 
													responder_ip=$Primary_ip_simple
											fi
										read -e -p "Run NetBIOS spoofing attack against $responder_ip, are you sure? [Y/n]" confirm
											if [[ $confirm = n ]];
												then 
													echo "Press Enter to return"
													echo ""
													read enterkey;
												else
													echo ""
													echo "running responder"
													echo ""
													responder -i $responder_ip -f -w -F -v
													echo ""
													if  $responder_hashes_find_dev_null
															then
																echo "Hashes found..($green$(ls $responder_hashes_find | wc -l)$normal)"
																echo ""
																ls $responder_hashes_find
																 for found_hash in $(ls $responder_hashes_find); do cp $found_hash . ;done
																echo ""
																echo "Files copied to $(pwd)"
																echo ""
																echo "finished"
																$responder_hashes_find_dev_null

																else
																echo "No hashes found"
													fi
											fi

								read enterkey;;
								#### End netbios spoofing ############

							6)  #### Start Open network share finder ######
								echo ""
								echo "Available Interfaces:"
								echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
								echo ""
								read -e -p "Enter network range or scope file [$Primary_ip]: " openshares_scope
										echo ""
											if [[ $openshares_scope = "" ]]
												then 
													openshares_scope=$Primary_ip
											elif [ -f $openshares_scope ]
												then
													openshares_nmap_command=$openshares_nmap_command_file
											fi
										read -e -p "Run open network share scan against $openshares_scope, are you sure? [Y/n]" confirm
											if [[ $confirm = n ]];
												then 
													echo "Press Enter to return"
													echo ""
													read enterkey;
												else
													echo ""
													scope="$openshares_scope"
													echo "Running Open Shares scan.."
													echo ""
													$openshares_nmap_command
													echo "" 
													echo "Scan Finished.."
													echo ""
													echo "Output saved to $(pwd)/openshares_check.nmap"
													echo ""
													echo "Parsing results..."
													cat openshares_check.nmap|grep '|\|192'|awk '/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ { line=$0 } /\|/ { $0 = line $0}1'|grep \||grep -v -E '(smb-enum-shares|access: <none>|ADMIN\$|C\$|IPC\$|U\$|access: READ)'|awk '{ sub(/Nmap scan report for /, ""); print }'
													echo ""
													echo "Parser Finished.."
													echo ""
													echo "Output saved to $(pwd)/openshares.txt"
													status_openshares=$completed
											fi
								read enterkey;;
								#### End ****** ############

								7)  ###### SNMP scan #######
												read -e -p "Enter scope file: " SNMP_scope
												echo ""
												read -e -p "Run SNMP Scan against $SNMP_scope, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$SNMP_scope"
														echo "Running SNMP scan.."
														echo ""
														#######
												nmap -sU --script snmp-brute -iL $SNMP_scope -p161 > snmp_scan.txt
														echo "Scan Finished.."
														echo ""
														if [[ $snmp_count ]]; then
															echo "SNMP hosts found ($green$snmp_count$normal)"
															$snmp_found
														else
															echo "$red No hosts found using Public or Private SNMP string$normal"
														fi
														status_snmpscan=$completed
												fi
								read enterkey;;
								####### End SNMP scan#######

								8)  ###### Live host scan #######
												read -e -p "Enter scope file: " host_list
												echo ""
												read -e -p "Run Live Host Scan against $host_list, are you sure? [Y/n]" confirm

												if [[ $confirm = n ]];
													then 
														echo "Press Enter to return"
														echo ""
														read enterkey;
													else
														echo ""
														scope="$host_list"
														echo "Running Live host check..Using nmap ping sweep"
														echo ""
														nmap -n -sn -vv -iL $scope | grep -v 'host down' | grep Nmap | awk {'print $5'} | grep -v addresses| grep -vE 'nmap.org' > livehosts.txt
														echo ""
														echo "Scan Finished.."

														# echo "Running Live host check..Using netdiscover"
														# echo ""
														# ##command here > livehosts_netdiscover.txt
														# echo ""
														# echo "Scan Finished.."
																												
														if [[ $live_hosts_count ]]; then
																echo "Live hosts found ($green$live_hosts_count$normal)"
																echo ""
																echo "Output saved to $(pwd)/livehosts.txt"															
															else
																echo "$red No live hosts found$normal"


														fi
														status_live_host_scan=$completed
												fi
								read enterkey;;
								####### End Live host scan #######

							9)  ###### Start Nessus scan #######
								
												read -e -p "Enter scope file: " nessus_scope
												echo ""
														#----------------------------------------------------------------------------------------------------------------
														# If you wish to hardcode the settings instead of promtping, simply comment out SECTION 1 and uncomment SECTION 2
														# ---------------------------------------------------------------------------------------------------------------


														### SECTION 1 ####
															echo -n "$yellow Enter Nessus IP:$normal "
															read nessus_ip

															echo -n "$yellow Enter Nessus User:$normal "
															read nessus_user

															echo -n "$yellow Enter Nessus Pass:$normal "
															read -s nessus_pass
														### END SECTION 1 ####

														### SECTION 2 ####
															# nessus_ip="192.168.1.83"
															# nessus_user="admin user"
															# nessus_pass="password"
														### END SECTION 2 ####
														
														echo ""
														
														#Get nessus token
														curl -s -k -X POST -H 'Content-Type: application/json' -d '{"username":"'$nessus_user'","password":"'$nessus_pass'"}' https://$nessus_ip:8834/session  |  cut -d : -f 2 | cut -d \" -f 2 > nessus_token.txt 
														nessus_token=$(cat nessus_token.txt)

													   #Get nessus Policies
														curl -s -k -H "X-Cookie: token=$nessus_token" https://$nessus_ip:8834/editor/policy/templates | python -m json.tool > nessus_policies.txt 
														
														#Create a nice jason table of policy titles and uuids
														paste <(cat nessus_policies.txt | grep "title"  | cut -d \" -f4) <(cat nessus_policies.txt | grep "uuid"  | cut -d \" -f4)|  sed -e 's/\t/_|/g' |  column -t -s '_' | awk '1;!(NR%1){print "----------------------------------------------------------------------------------";}' > nessus_policies_table.txt

														default_nessus_policy_uuid="$(cat nessus_policies_table.txt |grep "Basic Network Scan" | awk {'print $4'} | cut -d \| -f 2)"

														#List Nessus policy UUIDs
														cat nessus_policies_table.txt
														echo "$green Popular:$normal"
														echo "$green----------------------------------------------------------------------------------$normal"
														cat nessus_policies_table.txt | grep -E "Basic Network Scan|Web Application Tests"
														echo "$green----------------------------------------------------------------------------------$normal"

														echo ""

														#Prompt for Nessus policy to use to scan
														read -e -p "$yellow Enter policy UUID:$normal " nessus_policy_uuid

														#check for user input
														nessus_uuid_choice=$(cat nessus_policies_table.txt | grep $nessus_policy_uuid | cut -d \| -f 1)
														echo ""
																														
														#Confirm runningi scan
														echo ""
														read -e -p "Run $yellow$nessus_uuid_choice$normal against $yellow$nessus_scope$normal, are you sure? [Y/n]" confirm
															if [[ $confirm = n ]];
																then 
																	echo "Press Enter to return"
																	echo ""
																	read enterkey;
																else
																	echo ""
																	echo "Running Nessus scan.."
																	echo ""
																	
																	read -e -p "nessus scan name: " nessus_scan_name
																	read -e -p "Scan description: " nessus_scan_description
																	echo ""

																	#Expand scope file into a single comma seperated string
																	nessus_text_targets=$(cat $nessus_scope | sed -e :a -e '/$/N; s/\n/\, /; ta')
																
																	#Create nessus scan
	
																	curl -s -k -X POST -H "X-Cookie: token=$nessus_token" -H 'Content-Type: application/json' -d '{"uuid": "'"${nessus_policy_uuid}"'", "settings": {"name": "'"${nessus_scan_name}"'", "description": "'"${nessus_scan_description}"'", "text_targets": "'"${nessus_text_targets}"'"}}' https://$nessus_ip:8834/scans | python -m json.tool > nessus_new_scan.txt

																	#Ask if user woudl like to launch straight away
																	echo "$yellow This will launch against the following scope: $normal$nessus_text_targets"
																	read -e -p "$yellow Would you like to launch the scan straight away? [Y/n]$normal" confirm
																		if [[ $confirm = n ]];
																			then 
																				echo "Ok, you can launch the scan manually from within the Nessus web portal: https://$nessus_ip:8834"
																				echo "Press enter to continue"
																				read enterkey;
																			else
																				echo ""

																				nessus_scan_id="$(cat nessus_new_scan.txt | grep "\"id\"" | cut -d : -f 2 | cut -d , -f1| xargs)"
																				nessus_scan_uuid="$(cat nessus_new_scan.txt | grep "\"uuid\"" | cut -d : -f 2 | cut -d \" -f 2)"
																				nessus_scan_name="$(cat nessus_new_scan.txt  | grep "name" | cut -d : -f 2| cut -d \" -f 2)"

																				echo "$green Launching Nessus scan against $yellow$nessus_scan_name...$normal"
																				echo ""
																				
																				curl -s -k -X POST -H "X-Cookie: token=$nessus_token" -d '{"uuid": "'"${nessus_scan_uuid}"'"}}' https://$nessus_ip:8834/scans/$nessus_scan_id/launch
																				echo ""

																				echo "Scan started. You can check on the progress here: https://$nessus_ip:8834/scans/$nessus_scan_id/history"
																				echo ""
																				echo "Press Enter to continue"
																		fi
																	#cleanup
																	[[ -f "nessus_token.txt" ]] && rm "nessus_token.txt"
																	[[ -f "nessus_policies_table.txt" ]] && rm "nessus_policies_table.txt"
																	[[ -f "nessus_policies.txt" ]] && rm "nessus_policies.txt"
																	[[ -f "nessus_new_scan.txt" ]] && rm "nessus_new_scan.txt"

																	status_nessus=$completed
															fi
								read enterkey;;
								####### End Nessus#######

							x) #### Start OpenVAS scan ######
									echo "Under construction.."
												# read -e -p "OpenVAS must be configured already within your host operating system. Ar you ready to continue, else it will fail [Y/n]" confirm
												# if [[ $confirm = n ]];
												# 	then 
												# 		echo "Press Enter to return"
												# 		echo ""
												# 		read enterkey;
												# 	else
												# 		read -e -p "Enter scope file: " openvas_scope
												# 		echo ""
												# 		read -e -p "Run Openvas Scan against $openvas_scope, are you sure? [Y/n]" confirm
												# 			if [[ $confirm = n ]];
												# 				then 
												# 					echo "Press Enter to return"
												# 					echo ""
												# 					read enterkey;
												# 				else
												# 					echo ""
												# 					scope="$openvas_scope"
												# 					echo "Running Openvas.."
												# 					echo ""
												# 					#######
												# 					echo ""
												# 					echo "Scan Finished.."
												# 					status_openvas=$completed
												# 			fi
												# fi
								read enterkey;;
								#### End OpenVas ############			

							0) 	break
							    ;;

							*)  echo "That is not a valid choice"
							    ;;
						esac
					done
					read enterkey;;
			        ##### End Testing Tool ########


			2)  ###### Start Reporting Tool ############

				while true
					do
						clear
						echo "---------------------------------"
						echo "$yellow $Title v$VERSION$normal - Reporting"
						echo "---------------------------------$lcyan"
						echo -n -e "Current Working Dir: "
						pwd
						echo "$(ip -o addr | awk '!/^[0-9]*: ?lo|link\/ether/ {print $2" "$4}')"
						echo "$normal---------------------------------"
						echo " 1) Nessus Summary   [$status_reporting_nessus_summary]"
						echo " 2) Nessus breakdown [$status_reporting_nessus_breakdown]"
						echo " 3) Nmap Parser      [$status_reporting_nmap_parser]"
						echo " 4) Nmap Port Count  [$status_reporting_nmap_port_count]"
						echo " 5) Whois Parser     [$status_reporting_whois_parser]"
						echo ""
						echo "------ Work in progress ---------"
						echo ""
						echo " 6) Burp Parser      [$status_reporting_burp_parser]"
						echo " 7) Nikto Parser     [$status_reporting_nikto_parser]"
						echo ""
						echo " 0) exit"
						echo "---------------------------------"

						read Rep_opt
						case $Rep_opt in

							1) 	read -e -p "Enter Nessus File: " nessus
								echo ""
								read -e -p "Parse $nessus, are you sure? [Y/n]" confirm

									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											echo ""
											nessus_file="$nessus"
											echo "Running Nessus Parser.."

											#Run nessus summary
											$nessus_summary $nessus_file
											echo ""
											echo "Parser finished.."
											status_reporting_nessus_summary=$completed
											echo ""
											echo "Output saved:"
											pwd echo -n "newfile.csv"
											echo ""


											# Summmary
											echo "Summary:"
											echo -n -e "$purple Critical: \t"
											echo "$(cat newfile.csv  | cut -d , -f 2 | grep -i critical | wc -l)"
											echo -n -e "$red High:      \t"
											echo "$(cat newfile.csv  | cut -d , -f 2 | grep -i high | wc -l)"
											echo -n -e "$yellow Medium:     \t"
											echo "$(cat newfile.csv  | cut -d , -f 2 | grep -i medium | wc -l)"
											echo -n -e "$green Low:\t\t"
											echo "$(cat newfile.csv  | cut -d , -f 2 | grep -i low | wc -l)"
											echo -n -e "$blue Info: \t\t"
											echo "$(cat newfile.csv  | cut -d , -f 2 | grep -i info | wc -l)$normal"

									fi
								read enterkey;;

							2)  read -e -p "Enter Nessus File: " nessus
								echo ""
								read -e -p "Parse $nessus, are you sure? [Y/n]" confirm
									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											#Run nessus breakdown
											nessus_file="$nessus"
											$nessus_breakdown $nessus_file
											echo ""
											echo "Parser finished.."
											status_reporting_nessus_breakdown=$completed
											echo ""
											echo "Output saved:"
											pwd echo -n "output.txt"
											echo ""

											###Summary
											#need to put a summary here
									fi
								read enterkey;;

							3)  read -e -p "Enter Nmap File: " nmap_file
								echo ""
								read -e -p "Parse $nmap_file, are you sure? [Y/n]" confirm
								echo ""
									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											#Run nmap parser
											echo "Running Nmap Parser.."
											$nmap_parser $nmap_file
											echo ""
											echo "Parser finished.."
											status_reporting_nmap_parser=$completed
											echo ""
											echo -n "Output saved:"
											pwd echo -n "newfile.csv"
											echo ""

											##Summary
											#need to put a summary here
									fi
								read enterkey;;

							4)  read -e -p "Enter Nmap File: " nmap_file
								echo ""
								read -e -p "Parse $nmap_file, are you sure? [Y/n]" confirm
								echo ""
									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											#Run nmap port count
											echo "Running Nmap Port Count.."
											$nmap_portcount $nmap_file
											echo ""
											echo "Parser finished.."
											status_reporting_nmap_port_count=$completed
											echo ""
											echo -n "Output saved: "
											pwd echo -n "data_nmap.csv"
											echo ""
											
											# Summmary
											echo "Summary: Hosts ($yellow$(cat data_nmap.csv | grep -vE 'Filtered' | wc -l)$normal)"
											echo -n -e "$green Open Ports: \t"
											echo "$(cat data_nmap.csv  | cut -d , -f 2 | awk '{s+=$1} END {print s}')"
											echo -n -e "$red Closed Ports: \t"
											echo "$(cat data_nmap.csv  | cut -d , -f 4 | awk '{s+=$1} END {print s}')"
									fi
								read enterkey;;

							5)  read -e -p "Enter Whois scope: " whois_scope
								echo ""
								read -e -p "Parse $whois_scope, are you sure? [Y/n]" confirm
								echo ""
									if [[ $confirm = n ]];
										then 
											echo "Press Enter to return"
											echo ""
											read enterkey;
										else
											#Run nmap port count
											echo "Running Nmap Port Count.."
											$whois_parser $whois_scope
											echo ""
											echo "Parser finished.."
											status_reporting_whois_parser=$completed
											echo ""
											echo -n "Output saved: "
											pwd echo -n "whois_output.csv"
											echo ""
											
											# Summmary
											#need a summary here
									fi
								read enterkey;;

							0) 	break
							    ;;

							*)  echo "That is not a valid choice"
							    ;;
						esac
					done
					read enterkey;;
			        ##### End Reporting Tool ########

			3)  	wget -q --spider https://raw.githubusercontent.com -T 1; if [ $? -eq 0 ]; then > /dev/null && touch "/tmp/pentesttool31337.internetcheck.txt";fi
			    	if [ -f "/tmp/pentesttool31337.internetcheck.txt" ]; then
			    		echo ""
					    echo "Current version: $VERSION"
					    echo "latest version : $(curl -s -k https://raw.githubusercontent.com/leonteale/pentestpackage/master/PentestTool.sh | grep 'VERSION='| cut -d = -f 2 | awk {'print $1'} | head -1)"
					    echo ""
					    rm -f "/tmp/pentesttool31337.internetcheck.txt"
					    echo "Press Enter to return"
					else
						echo "$red Unable to connect to the internet to check version$normal"
						echo ""
					    echo "Press Enter to return"
						
					fi
					read enterkey;;
				

			4)  echo "Help text not implemented yet. "
				echo ""
				echo "Press Enter to return"

				read enterkey;;
				
			0) 	break
				;;

			*)	echo "That is not a valid choice"
				;;

		esac
	done
